Idea of timeline on implementation of remaining modules

[anishk123]

Firstly, thanks for implementing a solution for AWS Landing Zone! We use Terraform in our org, so prefer using this over AWS Cloudformation.

I wanted to get an idea of when the other modules will be implemented, and if you are looking fot contributors towards it.

[eistrati]

@anishk123 Thanks for reaching out! We are always open to contributors who are able and eager to add value to open source community overall and this project in particular.

It would be helpful to understand which components are more important to your use cases. Please provide a list of AWS services and AWS resources that you're looking into being supported by this terraform module for AWS Landing Zone module and we'll be happy to provide a better timeline.

To be clear, this module is functionally completed. We are now working on creating additional module's components that cover services like AWS SSO (and couple of others) that are not supported natively by terraform. That's why providing a clear timeline is a challenge, but we would like to do it anyway and hopefully you can help us.

[anishk123]

@eistrati The components most important to our use case are "Account Vending Machine" and "Monitoring and Notifications". We are leaning towards using an external solution for AD and will probably use their setup + AD connector + haven't determined IAM setup yet.

[eistrati]

@anishk123 Thank you!

Good news, AD related component using AWS Directory Service is implemented: https://github.com/TerraHubCorp/terraform-aws-landing-zone/blob/master/components/landing_zone_directory_service_directory/.terrahub.yml#L31 As next step, please check out this blogpost on how to connect external AD with AWS Directory Service via AD Connector: https://aws.amazon.com/blogs/security/how-to-connect-your-on-premises-active-directory-to-aws-using-ad-connector/

Next, IAM related components are pretty easy to address (would estimate a matter of days). What would take more time is "Account Vending Machine" workflow. I will come back with some high level estimations as we move along with IAM and SSO.

Last, but not the least, CloudTrail from "Monitoring and Notifications" workflow is already implemented: https://github.com/TerraHubCorp/terraform-aws-landing-zone/blob/master/components/landing_zone_cloudtrail/.terrahub.yml#L19 Remaining SNS and GuardDuty will take couple of days as well.

Nevertheless, we are now in the process of publishing ROADMAP.md that will address above described components, as well as many others. The added value of this terraform module for AWS Landing Zone solution is that we are also looking forward into integrating non-AWS related services that are supported natively by other terraform providers (e.g. SignalFX or Datadog)

I hope it helps.